Mobile communications devices often contain smart cards. The smart cards are used to carry out particular processing tasks. Smart cards usually have memory means and processor means. The memory means often carries personal and/or secret data which can, for example, identify a particular user or enable access to services, data and otherwise secure locations. Smart cards are particularly suited to holding information securely because the information is stored in hardware. Hardware is more tamper-resistant than software.
A smart card and a device which is used to read it, for example a communications device, communicate by means of Application Protocol Data Units (APDUs). Commands sent to a smart card are sent in the form is a Command-APDUs (or C-APDUs) which may activate a response from a card. APDUs are defined in the relevant smart cards standards such as those issued by ISO/IEC. Command-APDUs are used in obtaining information from smart cards.
Generally smart cards can be removed from the devices in which they are used. An example of a smart card is a Subscriber Identity Module (SIM) card which is currently used in mobile telephones. Other types of SIM cards have been proposed, for example for third generation systems, such the Universal Mobile Telephone System (UMTS). Such third generation SIM cards are referred to as USIMs.
Modern communications devices, particularly mobile communications devices, are increasingly being used for a diverse range of activities in addition to conventional telephony. These activities include information gathering, particularly from the Internet, conducting transactions, such as the purchase of goods and/or services or using a banking service. Mobile and static communications devices exist which are not used for voice telephony but are primarily used for various types of data communication or exchange.
As communications devices are being used for a more diverse range of services, they need a variety of application programs to provide and interact with these services. Conveniently, application programs are stored on a storage medium in the communications devices, for example SIMs.
Since the services provided by the application programs are valuable it is desirable to restrict access so that they can only be accessed by authorised users. Access is usually restricted by means of a personal identification number code, a so-called PIN code, which needs to be input into the terminal to allow access to the relevant application program.
It has been proposed to provide a plurality of application programs for a communications terminal on the same storage medium and provide a separate PIN for each application program. A disadvantage of this approach is that a user of the plurality of application programs needs to remember or record a plurality of PIN codes.
WO 98/32089 proposes storing a number of different application programs on a SIM card for a communication terminal. It further proposes that a user in possession of several SIM cards can switch between them to use different applications in the communications terminal. Not only is it inconvenient for a user to carry around a number of SIM cards, but it is also inconvenient to exchange one for another in the communications terminal, especially since each will probably have associated with it its own PIN code. In can be difficult for a user to remember which PIN code corresponds to which SIM-card.